The Risk Coalition has published its long-awaited final principles-based guidance for UK board risk committees – urging firms to adopt the principles early to meet the “challenging” framework. 

In its guidance report, titled ‘Raising the Bar’, the Risk Coalition outlines separate guidance of eight principles for board risk committees and nine principles for risk functions.

In the document, the Risk Coalition warns that elements of the guidance – in particular, its strong focus on accountability – “may prove challenging, or even contentious initially” for some organisations.

Professor
Michael Mainelli, alderman and sheriff of the City of London, and executive
chairman of Z/Yen Group, said in the foreword: “Though many of the principles
and guidance are well-established, Raising the Bar attempts to provide a
single, slim, authoritative document, some of whose recommendations are
challenging.”

As a result, the
Coalition is urging organisations to consider “early adoption” of the final
guidance.

The principles

The eight risk committee principles cover board accountability, composition and membership, risk strategy and risk appetite, principal risks and continued viability, risk management and internal control systems, risk information and reporting, risk culture and remuneration, chief risk officer and risk function independence and objectivity.

According to the final guidance, the board risk committee is primarily an advisory committee to the board, but the board “retains ultimate accountability for the organisation’s principal risks and for the overall effectiveness of its risk management arrangements”.

In addition, Principle
A8 sets out that the board risk committee should oversee the performance of the
chief risk officer and, in meeting this principle, should “periodically
challenge and assess the continued independence and objectivity of the chief
risk officer and risk function”.

The nine risk
function principles include independent risk oversight and challenge, independent
and objective perspective, risk governance and risk reporting.

The guidance
assumes that organisations operate what the Risk Coalition calls a ‘Three Lines
of Defence Model’, in which first line management is responsible for
risk-taking, the second line is responsible for providing “robust, independent
oversight and challenge” of first line risk-taking, while the third line provides
independent assurance over the organisation’s governance, risk and internal control
arrangements.

Dame Susan
Rice, chair of the Scottish Fiscal Commission and chair of the Banking
Standards Board, called the final guidance “sensible, helpful, understandable
and appealing” and added that it could have “a very significant impact”.

The Coalition
initially launched its Risk Guidance Initiative in 2018 to meet the need for
coherent, good practice guidance for board risk committees and risk functions
within the UK financial services sector.